mirror/php-adminer
1
0
Fork 0
mirror of https://github.com/vrana/adminer.git synced 2025-08-09 16:17:48 +02:00
Code Issues Releases Wiki Activity

Trust user-supplied token with login

Browse Source 
git-svn-id: https://adminer.svn.sourceforge.net/svnroot/adminer/trunk@1248 7c3ca157-0c34-0410-bff1-cbf682f78f5c
This commit is contained in:
jakubvrana
2009-11-20 17:29:35 +00:00
parent cca3b36e03
commit 7d834847d1
1 changed files with 4 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
adminer/include/auth.inc.php
View File

@@ -48,13 +48,6 @@ function auth_error($exception = null) {
page_footer("auth"); page_footer("auth");
} }
if (!$_SESSION["tokens"][$_GET["server"]]) {
$_SESSION["tokens"][$_GET["server"]] = rand(1, 1e6); // defense against cross-site request forgery
if ($_POST["token"]) {
$_POST["token"] = $_SESSION["tokens"][$_GET["server"]];
}
}
$username = &$_SESSION["usernames"][$_GET["server"]]; $username = &$_SESSION["usernames"][$_GET["server"]];
if (!isset($username)) { if (!isset($username)) {
$username = $_GET["username"]; // default username can be passed in URL $username = $_GET["username"]; // default username can be passed in URL
@@ -65,3 +58,7 @@ if (is_string($connection) || !$adminer->login($username, $_SESSION["passwords"]
exit; exit;
} }
unset($username); unset($username);
if (!$_SESSION["tokens"][$_GET["server"]]) {
$_SESSION["tokens"][$_GET["server"]] = (isset($_POST["server"]) && $_POST["token"] ? $_POST["token"] : rand(1, 1e6)); // defense against cross-site request forgery
}